package ac.zlf.springmybatis.core.util;

import ac.zlf.core.util.security.Digests;

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import javax.servlet.http.HttpServletRequest;

import net.iharder.Base64;
import org.apache.log4j.Logger;

public class SignatureValidate {
    private static final Logger logger = Logger.getLogger(SignatureValidate.class);
    private static final String ENCODING = "UTF-8";
    private static final String MAC_NAME = "HmacSHA1";

    public static boolean validateSignature(HttpServletRequest request, String signatureKey)
            throws IOException {
        return validateSignature(request.getParameter("au"), request.getParameter("tkn"), request.getMethod(), request.getScheme(), request.getRequestURI(), request.getQueryString(), signatureKey);
    }

    public static boolean validateSignature(String signature, String secretToken, String method, String schema, String basePath, String queryString, String signatureKey)
            throws IOException {
        if (signatureKey == null) {
            logger.error("signatureKey is null");
            return false;
        }
        if (signature == null) {
            logger.error("signature is null");
            return false;
        }
        if (secretToken == null) {
            logger.error("secret token is null");
            return false;
        }
        byte[] keyBytes = Base64.decode(signatureKey);
        SecretKey key = new SecretKeySpec(keyBytes, "HmacSHA1");
        try {
            Mac mac = Mac.getInstance("HmacSHA1");
            mac.init(key);

            String uri = String.format("%s+%s+%s+%s", new Object[]{method, schema, basePath, queryString});
            uri = uri.replace("&au=" + URLEncoder.encode(signature, "UTF-8"), "");
            uri = uri.replace("&tkn=" + URLEncoder.encode(secretToken, "UTF-8"), "");
            mac.update(uri.getBytes("UTF-8"));
            return Base64.encodeBytes(mac.doFinal()).equals(signature);
        } catch (NoSuchAlgorithmException e) {
            logger.error(e.getClass().getName(), e);
        } catch (InvalidKeyException e) {
            logger.error(e.getClass().getName(), e);
            e.printStackTrace();
        } catch (IllegalStateException e) {
            logger.error(e.getClass().getName(), e);
        } catch (UnsupportedEncodingException e) {
            logger.error(e.getClass().getName(), e);
        }
        return false;
    }

    public static boolean validateSignature(String currentTime, String nonce, String secretToken, String signatureKey, String signature) {
        if (signatureKey == null) {
            logger.error("signatureKey is null");
            return false;
        }
        if (signature == null) {
            logger.error("signature is null");
            return false;
        }
        if (secretToken == null) {
            logger.error("secret token is null");
            return false;
        }
        return Digests.sha1(String.format("%s.%s.%s.%s", new Object[]{currentTime, nonce, secretToken, signatureKey})).equals(signature);
    }
}



/* Location:           D:\repository\cc\hwtech\core\2.0.1-school-SNAPSHOT\core-2.0.1-school-SNAPSHOT.jar

 * Qualified Name:     SignatureValidate

 * JD-Core Version:    0.7.0.1

 */
